[cod] help

NewLight Systems nls at newlightsystems.com
Fri Jan 29 18:29:53 EST 2010


you can't

El 30/01/10 0:23, david.lauriou at wanadoo.fr escribió:
> where can i find BFBC2 dedicated server ?
>
>
> ----- Original Message ----- From: "River Hosting - Info"
> <info at riverhosting.nl>
> To: "'Call of Duty server admin list.'" <cod at icculus.org>
> Sent: Monday, January 25, 2010 12:07 PM
> Subject: Re: [cod] help
>
>
>>
>> All you need is right here
>> http://www.fpsadmin.com/forum/showthread.php?t=11777.
>>
>> Met vriendelijke groet,
>> With kind regards,
>>
>> Julian Maartens
>> River Hosting
>>
>> info at riverhosting.nl
>> http://www.riverhosting.nl
>>
>> -----Oorspronkelijk bericht-----
>> Van: Bong-Master [mailto:bong-master at thesilverdagger.co.uk]
>> Verzonden: maandag 25 januari 2010 12:03
>> Aan: Call of Duty server admin list.
>> Onderwerp: Re: [cod] help
>>
>> My computer illiterate wife said 1.3 will fix this.
>>
>> --------------------------------------------------
>> From: "pet" <games at maxrate.pl>
>> Sent: Monday, January 25, 2010 10:53 AM
>> To: "Call of Duty server admin list." <cod at icculus.org>
>> Subject: [cod] help
>>
>>> Hi all members
>>>
>>> I have problems with crazy hackers which hacks my servers all the
>>> time. I
>>> mean call of duty 2 1.0. I know that You will say, change into 1.3, but
>>> this is not the solution. Couple times a day somebody hacks my
>>> server and
>>> its shutdown, after that I see in console "ERROR: Attempted to overrun
>>> string in call to va()".  How can I secure my server against this
>>> suckers
>>> which have nothing better to do with theirs empty brains. Please help.
>>>
>>> Pet
>>>
>>>
>>> "va() is a function of the Quake 3 engine used to quickly build strings
>>> using snprintf and a static destination buffer.
>>> Read more on: : i3D.net Game Forums
>>>
>> http://forum.i3d.net/call-duty-series-newsletter/48158-cod-cod-ww-1024-bytes
>>
>> -command-exploit.html
>>> If the generated string is longer than the available buffer the server
>>> shows an "Attempted to overrun string in call to va()" error and
>>> terminates.
>>> From Call of Duty 2 (and consequently) the size of this buffer has
>>> been reduced from the original 32000 bytes to only 1024 causing many
>>> problems to the admins.
>>>
>>> So in CoD5 an attacker which has joined the server can exploit this
>>> vulnerability through the sending of a command longer than 1024 bytes
>>> causing the immediate termination of the server."
>>>
>>> I try it, and it works. I you send this command to the server, it will
>>> crash:
>>>
>>> cmd aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
>>> aaaaaaaaaaaaaaaaaaaaaaaa
>>>
>>>
>>> so
>>> _______________________________________________
>>> cod mailing list
>>> cod at icculus.org
>>> http://icculus.org/mailman/listinfo/cod
>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
>
>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>

-- 

*David Aguilar Valero*
Dpto. Comercial y Soporte técnico
NewLight Systems
*Servidores de juegos, HW, Dedicados*

*crk01 at nls.es*
crk01 at newlightsystems.com
tecnico at newlightsystems.com
#NewLight_Systems @ irc-hispano.org
*www.newlightsystems.com
www.nls.es*

This email and any files or attachments transmitted with it are intended
solely for the use of the intended recipient. This email is confidential
and may contain legally privileged information. If you are not the
intended recipient you should not read, disseminate, distribute, or copy
this email. If you have received this email in error, please notify the
sender immediately and delete it from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://icculus.org/pipermail/cod/attachments/20100130/1deb7999/attachment.htm>


More information about the cod mailing list